Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/440b3734-74c6-4eea-9712-42440de9c3b4.roa
File: 440b3734-74c6-4eea-9712-42440de9c3b4.roa (raw, json)
Hash identifier: 18Z4XlyhqLZmoM+L8QNXHLIzx0t45SSfHoHAW9gC1WM=
Subject key identifier: 24:28:5D:BC:2B:84:EE:9C:EA:55:B5:31:64:95:0B:06:57:7C:4A:BF
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 4797C96C709A4648512E7CC2AFDBFE0431D366C7
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/440b3734-74c6-4eea-9712-42440de9c3b4.roa
Signing time: Wed 03 Sep 2025 00:30:10 +0000
ROA not before: Wed 03 Sep 2025 00:30:10 +0000
ROA not after: Wed 08 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:97:c9:6c:70:9a:46:48:51:2e:7c:c2:af:db:fe:04:31:d3:66:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 3 00:30:10 2025 GMT
Not After : Oct 8 23:59:59 2025 GMT
Subject: serialNumber=be7cee936bcca1fee2502f87bde2d081aea02b31b01250e32b23c994fdb3b15e, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:8a:44:b0:87:6d:a3:9a:7a:aa:e5:4e:ab:e6:
d1:fa:b4:c6:d9:d1:c9:f6:bb:35:36:64:a0:fe:d1:
6e:eb:24:54:e1:df:f6:0c:e1:1e:dd:9d:d3:3c:6c:
e1:0f:80:7e:b4:c7:9a:6c:2b:6c:58:7f:a9:bf:dc:
5b:2c:de:3c:0e:45:93:5e:c7:60:bb:64:43:d2:a1:
b4:26:b9:72:fd:5d:d5:54:68:12:26:59:a1:82:5c:
44:34:a7:05:6e:93:9d:e7:55:e0:d9:2b:75:22:ea:
83:b2:d8:39:0d:7a:88:83:50:f7:7e:33:45:1c:0c:
e1:f3:73:45:4c:95:fa:8a:f5:25:b3:ad:0d:b2:df:
a0:7b:bf:df:b8:48:bc:35:85:aa:8b:00:9e:ff:5f:
09:79:8e:dc:22:36:a3:d9:2e:81:ad:b1:2c:c2:3d:
3f:fe:8e:df:2f:60:94:8d:8b:83:33:c6:03:3c:7f:
d8:bd:ac:28:b8:61:f5:89:1e:a7:fd:34:d1:0f:ba:
a8:28:f1:5a:77:fa:bb:43:6a:39:45:ed:ee:28:5f:
b6:be:56:35:39:47:e3:88:97:4b:16:4d:1d:54:fb:
6f:4d:0c:73:ca:13:64:6a:39:b8:4d:10:0b:e0:47:
20:a5:b2:4e:88:42:cf:4e:fd:12:c8:4a:25:df:8a:
3e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:28:5D:BC:2B:84:EE:9C:EA:55:B5:31:64:95:0B:06:57:7C:4A:BF
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/440b3734-74c6-4eea-9712-42440de9c3b4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7::/36
Signature Algorithm: sha256WithRSAEncryption
42:3e:57:90:dc:1b:98:4a:70:07:2e:0b:9d:d2:37:54:16:5b:
d8:0d:6a:13:27:50:db:9c:e0:7d:b8:2b:0f:e2:8e:d5:51:43:
34:4b:9e:65:b3:94:8e:09:f9:4b:ba:03:fd:2d:a6:80:b2:74:
c6:3f:49:29:21:37:81:f7:c9:cc:fc:99:7c:e7:03:5f:0f:cd:
de:d0:5a:dc:2c:70:1d:4d:f4:88:2f:4a:5c:40:79:96:18:75:
c0:82:69:62:be:e7:9a:fe:ea:cd:c2:b5:cd:e3:36:4d:6d:40:
3d:a5:8f:6d:02:20:e5:af:35:0e:37:27:58:63:76:a9:13:7e:
19:5f:5a:c9:fc:c0:18:24:1d:ff:c7:28:95:dd:3d:cf:d2:bb:
39:aa:7f:b5:a1:12:20:95:da:8f:42:59:44:bf:06:a3:c1:b8:
0b:a7:5d:bc:7e:0a:2a:f4:67:9f:aa:79:d9:32:ef:b0:78:ff:
f7:80:c6:6f:51:d4:3a:c6:6e:b6:30:79:ff:79:89:6a:72:39:
42:20:ce:26:28:73:63:45:15:e3:31:fe:4b:bd:37:6a:8b:2d:
56:01:d9:82:84:9b:de:b2:29:0f:18:a1:77:d5:91:6a:25:59:
45:2d:ac:96:2f:5c:f7:3e:6d:57:42:b1:a5:00:22:75:48:6f:
63:cb:85:de
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUR5fJbHCaRkhRLnzCr9v+BDHTZscwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MDMwMDMwMTBaFw0yNTEwMDgyMzU5NTlaMHoxSTBHBgNV
BAUTQGJlN2NlZTkzNmJjY2ExZmVlMjUwMmY4N2JkZTJkMDgxYWVhMDJiMzFiMDEy
NTBlMzJiMjNjOTk0ZmRiM2IxNWUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKGKRLCHbaOaeqrlTqvm0fq0xtnRyfa7NTZkoP7RbuskVOHf9gzhHt2d0zxs
4Q+AfrTHmmwrbFh/qb/cWyzePA5Fk17HYLtkQ9KhtCa5cv1d1VRoEiZZoYJcRDSn
BW6TnedV4NkrdSLqg7LYOQ16iINQ934zRRwM4fNzRUyV+or1JbOtDbLfoHu/37hI
vDWFqosAnv9fCXmO3CI2o9kuga2xLMI9P/6O3y9glI2LgzPGAzx/2L2sKLhh9Yke
p/000Q+6qCjxWnf6u0NqOUXt7ihftr5WNTlH44iXSxZNHVT7b00Mc8oTZGo5uE0Q
C+BHIKWyTohCz079EshKJd+KPhcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQkKF28
K4TunOpVtTFklQsGV3xKvzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NDQwYjM3MzQtNzRjNi00ZWVhLTk3MTItNDI0NDBkZTljM2I0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8cA
MA0GCSqGSIb3DQEBCwUAA4IBAQBCPleQ3BuYSnAHLgud0jdUFlvYDWoTJ1DbnOB9
uCsP4o7VUUM0S55ls5SOCflLugP9LaaAsnTGP0kpITeB98nM/Jl85wNfD83e0Frc
LHAdTfSIL0pcQHmWGHXAgmlivuea/urNwrXN4zZNbUA9pY9tAiDlrzUONydYY3ap
E34ZX1rJ/MAYJB3/xyiV3T3P0rs5qn+1oRIgldqPQllEvwajwbgLp128fgoq9Gef
qnnZMu+weP/3gMZvUdQ6xm62MHn/eYlqcjlCIM4mKHNjRRXjMf5LvTdqiy1WAdmC
hJvesikPGKF31ZFqJVlFLayWL1z3Pm1XQrGlACJ1SG9jy4Xe
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:33:40 2025 by rpki-client